# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+"""Samba 4."""
+
__docformat__ = "restructuredText"
import os
def _in_source_tree():
"""Check whether the script is being run from the source dir. """
- return os.path.exists("%s/../../../samba4-skip" % os.path.dirname(__file__))
+ return os.path.exists("%s/../../../selftest/skip" % os.path.dirname(__file__))
# When running, in-tree, make sure bin/python is in the PYTHONPATH
import ldb
-import credentials
-import misc
+import glue
class Ldb(ldb.Ldb):
"""Simple Samba-specific LDB subclass that takes care
functions see samdb.py.
"""
def __init__(self, url=None, session_info=None, credentials=None,
- modules_dir=None, lp=None):
+ modules_dir=None, lp=None, options=None):
"""Open a Samba Ldb file.
:param url: Optional LDB URL to open
modules-dir is used by default and that credentials and session_info
can be passed through (required by some modules).
"""
- super(Ldb, self).__init__()
+ super(Ldb, self).__init__(options=options)
if modules_dir is not None:
self.set_modules_dir(modules_dir)
elif default_ldb_modules_dir is not None:
self.set_modules_dir(default_ldb_modules_dir)
+ elif lp is not None:
+ self.set_modules_dir(os.path.join(lp.get("modules dir"), "ldb"))
if credentials is not None:
self.set_credentials(credentials)
if session_info is not None:
self.set_session_info(session_info)
- assert misc.ldb_register_samba_handlers(self) == 0
+ glue.ldb_register_samba_handlers(self)
if lp is not None:
self.set_loadparm(lp)
#self.set_debug(msg)
if url is not None:
- self.connect(url)
+ self.connect(url, options=options)
+
+ def set_credentials(self, credentials):
+ glue.ldb_set_credentials(self, credentials)
+ def set_session_info(self, session_info):
+ glue.ldb_set_session_info(self, session_info)
- set_credentials = misc.ldb_set_credentials
- set_session_info = misc.ldb_set_session_info
- set_loadparm = misc.ldb_set_loadparm
+ def set_loadparm(self, lp_ctx):
+ glue.ldb_set_loadparm(self, lp_ctx)
def searchone(self, attribute, basedn=None, expression=None,
scope=ldb.SCOPE_BASE):
def erase(self):
"""Erase this ldb, removing all records."""
- # delete the specials
- for attr in ["@INDEXLIST", "@ATTRIBUTES", "@SUBCLASSES", "@MODULES",
- "@OPTIONS", "@PARTITION", "@KLUDGEACL"]:
- try:
- self.delete(attr)
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
- # Ignore missing dn errors
- pass
-
basedn = ""
- # and the rest
+ # Delete the 'visible' records
for msg in self.search(basedn, ldb.SCOPE_SUBTREE,
"(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))",
["distinguishedName"]):
try:
self.delete(msg.dn)
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
+ except ldb.LdbError, (ldb.ERR_NO_SUCH_OBJECT, _):
# Ignore no such object errors
pass
res = self.search(basedn, ldb.SCOPE_SUBTREE, "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))", ["distinguishedName"])
assert len(res) == 0
+ # delete the specials
+ for attr in ["@INDEXLIST", "@ATTRIBUTES", "@SUBCLASSES", "@MODULES",
+ "@OPTIONS", "@PARTITION", "@KLUDGEACL"]:
+ try:
+ self.delete(attr)
+ except ldb.LdbError, (ldb.ERR_NO_SUCH_OBJECT, _):
+ # Ignore missing dn errors
+ pass
+
def erase_partitions(self):
"""Erase an ldb, removing all records."""
+
+ def erase_recursive(self, dn):
+ try:
+ res = self.search(base=dn, scope=ldb.SCOPE_ONELEVEL, attrs=[])
+ except ldb.LdbError, (ldb.ERR_NO_SUCH_OBJECT, _):
+ # Ignore no such object errors
+ return
+ pass
+
+ for msg in res:
+ erase_recursive(self, msg.dn)
+
+ try:
+ self.delete(dn)
+ except ldb.LdbError, (ldb.ERR_NO_SUCH_OBJECT, _):
+ # Ignore no such object errors
+ pass
+
res = self.search("", ldb.SCOPE_BASE, "(objectClass=*)",
["namingContexts"])
assert len(res) == 1
if not "namingContexts" in res[0]:
return
for basedn in res[0]["namingContexts"]:
- previous_remaining = 1
- current_remaining = 0
-
- k = 0
- while ++k < 10 and (previous_remaining != current_remaining):
- # and the rest
- try:
- res2 = self.search(basedn, ldb.SCOPE_SUBTREE, "(|(objectclass=*)(distinguishedName=*))", ["distinguishedName"])
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
- # Ignore missing dn errors
- return
-
- previous_remaining = current_remaining
- current_remaining = len(res2)
- for msg in res2:
- try:
- self.delete(msg.dn)
- # Ignore no such object errors
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
- pass
- # Ignore not allowed on non leaf errors
- except ldb.LdbError, (LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, _):
- pass
+ # Try and erase from the bottom-up in the tree
+ erase_recursive(self, basedn)
def load_ldif_file_add(self, ldif_path):
"""Load a LDIF file.
for changetype, msg in self.parse_ldif(ldif):
self.modify(msg)
+ def set_domain_sid(self, sid):
+ """Change the domain SID used by this LDB.
+
+ :param sid: The new domain sid to use.
+ """
+ glue.samdb_set_domain_sid(self, sid)
+
+ def set_schema_from_ldif(self, pf, df):
+ glue.dsdb_set_schema_from_ldif(self, pf, df)
+
+ def set_schema_from_ldb(self, ldb):
+ glue.dsdb_set_schema_from_ldb(self, ldb)
+
+ def convert_schema_to_openldap(self, target, mapping):
+ return glue.dsdb_convert_schema_to_openldap(self, target, mapping)
+
+ def set_invocation_id(self, invocation_id):
+ """Set the invocation id for this SamDB handle.
+
+ :param invocation_id: GUID of the invocation id.
+ """
+ glue.dsdb_set_ntds_invocation_id(self, invocation_id)
+
+ def set_opaque_integer(self, name, value):
+ """Set an integer as an opaque (a flag or other value) value on the database
+
+ :param name: The name for the opaque value
+ :param value: The integer value
+ """
+ glue.dsdb_set_opaque_integer(self, name, value)
+
def substitute_var(text, values):
"""substitute strings of the form ${NAME} in str, replacing
:param text: The text to search for substitution variables
"""
if not "${" in text:
- return
+ return
var_start = text.find("${")
var_end = text.find("}", var_start)
def valid_netbios_name(name):
"""Check whether a name is valid as a NetBIOS name. """
- # FIXME: There are probably more constraints here.
- # crh has a paragraph on this in his book (1.4.1.1)
+ # See crh's book (1.4.1.1)
if len(name) > 15:
return False
+ for x in name:
+ if not x.isalnum() and not x in " !#$%&'()-.@^_{}~":
+ return False
return True
-version = misc.version
+
+def dom_sid_to_rid(sid_str):
+ """Converts a domain SID to the relative RID.
+
+ :param sid_str: The domain SID formatted as string
+ """
+
+ return glue.dom_sid_to_rid(sid_str)
+
+
+version = glue.version
+
+DS_BEHAVIOR_WIN2000 = glue.DS_BEHAVIOR_WIN2000
+DS_BEHAVIOR_WIN2003_INTERIM = glue.DS_BEHAVIOR_WIN2003_INTERIM
+DS_BEHAVIOR_WIN2003 = glue.DS_BEHAVIOR_WIN2003
+DS_BEHAVIOR_WIN2008 = glue.DS_BEHAVIOR_WIN2008